Extended Post-installation test framework to support Network Policies

[kanha-gupta]

It supports All ingress deny policy and All egress deny policy to conduct testing.
Ingress gets applied on echoSameNode and echoOtherNode deployments and Egress is applied on client deployment in order to conduct testing.

[kanha-gupta]

The framework currently utilises runagnhostcommand function which needs some discussion because networkpolicy tests requires receiving error in order to ensure its working fine and therefore runagnhostcommand gives logs such as :

[kind-kind] Running test: all-ingress-deny-connectivity
[kind-kind] -------------------------------------------------------------------------------------------
[kind-kind] Waiting for Network policy all-ingress-deny to get applied successfully...
[kind-kind] Network policy all-ingress-deny is ready.
[kind-kind] /agnhost command '/agnhost connect echo-same-node:80 --timeout=5s' failed: command terminated with exit code 1
[kind-kind] /agnhost stderr: TIMEOUT

[kind-kind] Network policy is working as expected with Pod test-client-7f76ddc687-s5gc7 and Service echo-same-node
[kind-kind] /agnhost command '/agnhost connect echo-other-node:80 --timeout=5s' failed: command terminated with exit code 1
[kind-kind] /agnhost stderr: TIMEOUT

[kind-kind] Network policy is working as expected with Pod test-client-7f76ddc687-s5gc7 and Service echo-other-node
[kind-kind] Network policy deletion successful

[kanha-gupta]

Hey mentors,
Changes have been pushed.

• removed policy.go as some functions are removed and some are put in test files

[kanha-gupta]

Hey mentors, Changes have been pushed :)

[kanha-gupta]

Changes are pushed :)
also when tests are being executed, runAgnhostcommand function is used to execinpod and currently It takes around 12 seconds in my local environment to complete the test as we need error to determine the NP tests are successful.I believe it is because of the timeout period ?
is there a way to improve this ?

[antoninbas]

Changes are pushed :) also when tests are being executed, runAgnhostcommand function is used to execinpod and currently It takes around 12 seconds in my local environment to complete the test as we need error to determine the NP tests are successful.I believe it is because of the timeout period ? is there a way to improve this ?

Yes, please use the --timeout flag to set a smaller timeout, e.g., 3s
See documentation for the connect command: https://pkg.go.dev/k8s.io/kubernetes/test/images/agnhost#section-readme

[kanha-gupta]

Changes are pushed :) also when tests are being executed, runAgnhostcommand function is used to execinpod and currently It takes around 12 seconds in my local environment to complete the test as we need error to determine the NP tests are successful.I believe it is because of the timeout period ? is there a way to improve this ?

Yes, please use the --timeout flag to set a smaller timeout, e.g., 3s See documentation for the connect command: https://pkg.go.dev/k8s.io/kubernetes/test/images/agnhost#section-readme

Thanks a lot :)
Changes are pushed

[antoninbas]

/skip-all